package com.ztesoft.book.core.aliyun.oss.service.impl;

import com.aliyuncs.DefaultAcsClient;
import com.aliyuncs.auth.sts.AssumeRoleRequest;
import com.aliyuncs.auth.sts.AssumeRoleResponse;
import com.aliyuncs.exceptions.ClientException;
import com.aliyuncs.http.MethodType;
import com.aliyuncs.profile.DefaultProfile;
import com.aliyuncs.profile.IClientProfile;
import com.ztesoft.book.core.aliyun.oss.dto.STSResponse;
import com.ztesoft.book.core.aliyun.oss.service.STSService;
import lombok.extern.slf4j.Slf4j;
import org.springframework.stereotype.Service;

/**
 * @author sunhanyue
 * @date 2020/3/13
 */
@Slf4j
@Service
public class STSServiceImpl implements STSService {


    @Override
    public STSResponse getSTSCredentials(
            String accessKeyId, String accessKeySecret, String roleArn, String roleSessionName) throws ClientException {
        String endpoint = "sts.aliyuncs.com";
        String policy = "{\"Statement\": [{\"Action\": \"oss:*\", \"Effect\": \"Allow\", \"Resource\": \"*\" }],\"Version\": \"1\"}";
        //构造default profile（参数留空，无需添加Region ID）
        IClientProfile profile = DefaultProfile.getProfile("", accessKeyId, accessKeySecret);
        //用profile构造client
        DefaultAcsClient client = new DefaultAcsClient(profile);
        final AssumeRoleRequest request = new AssumeRoleRequest();
        request.setSysEndpoint(endpoint);
        request.setSysMethod(MethodType.POST);
        request.setRoleArn(roleArn);
        request.setRoleSessionName(roleSessionName);
        request.setPolicy(policy);
        final AssumeRoleResponse response = client.getAcsResponse(request);
        STSResponse stsResponse = new STSResponse();
        stsResponse.setExpiration(response.getCredentials()
                .getExpiration());
        stsResponse.setAccessKeyId(response.getCredentials()
                .getAccessKeyId());
        stsResponse.setAccessKeySecret(response.getCredentials()
                .getAccessKeySecret());
        stsResponse.setSecurityToken(response.getCredentials()
                .getSecurityToken());
        return stsResponse;
    }


    public static void main(String[] args) {
//        String endpoint = "sts.aliyuncs.com";
//        String accessKeyId = "LTAI4FhYuXc5tukxWm9KwV3Z";
//        String accessKeySecret = "xq3zUs0L1gYkDXoep4XmylEMBRr3Se";
//        String roleArn = "acs:ram::1501322725625838:role/ramosstest";
//        String roleSessionName = "ceshi111";
//        String policy = "{\"Statement\": [{\"Action\": \"oss:*\", \"Effect\": \"Allow\", \"Resource\": \"*\" }],\"Version\": \"1\"}";
//        try {
//            //构造default profile（参数留空，无需添加Region ID）
//            IClientProfile profile = DefaultProfile.getProfile("", accessKeyId, accessKeySecret);
//            //用profile构造client
//
//            final AssumeRoleRequest request = new AssumeRoleRequest();
//            request.setSysEndpoint(endpoint);
//            request.setSysMethod(MethodType.POST);
//            request.setRoleArn(roleArn);
//            request.setRoleSessionName(roleSessionName);
//            request.setPolicy(policy);
//            // 设置凭证有效时间
//            request.setDurationSeconds(3600L);
//
//
//        }
//        catch (ClientException e) {
//            log.error(e.getMessage());
//        }
    }
}
